richvdh
commented
5 months ago This is related to https://github.com/element-hq/element-web/issues/26322, in that both are about updating the private key in 4S without updating the public key.
Open richvdh opened 5 months ago
richvdh
commented
5 months ago This is related to https://github.com/element-hq/element-web/issues/26322, in that both are about updating the private key in 4S without updating the public key.
pmaier1
commented
5 months ago @kegsay from what I've heard you took over progressing on the mentioned MSC recently. I see it's already been implemented in Synapse. What's the status? Can we get it done as a fix for this case?
richvdh
commented
5 months ago @pmaier1 to be clear: whilst MSC3967 might help with this, it's not a complete fix. The key upload can fail for plenty of other reasons that are not related to UIA.
BillCarsonFr
commented
5 months ago 
kegsay
commented
5 months ago @pmaier1 No, the fix I'm applying does not seem to apply here. My change improves robustness when on poor networks, which does not appear to be the case here. This particular issue appears to be server misconfiguration.
pmaier1
commented
5 months ago This particular issue appears to be server misconfiguration.
Just misconfiguration? So not an actual bug that needs fixing?
kegsay
commented
5 months ago This issue is still a valid bug because:
The key upload can fail for plenty of other reasons that are not related to UIA.
Server misconfiguration can cause UIA errors, which is the root cause for the rageshakes we have received.
venimus
commented
5 months ago This issue is still a valid bug because:
The key upload can fail for plenty of other reasons that are not related to UIA.
Server misconfiguration can cause UIA errors, which is the root cause for the rageshakes we have received.
I have the same issue with 1.11.6x versions, downgrading to 1.11.5x resolved the issue
When first logging in on a new account, we try to publish cross-signing keys (via
/device_keys/upload).This process can fail for example, if the homeserver is configured to use SSO auth. (Publishing the public keys requires user-interactive auth, which may fail. https://github.com/matrix-org/matrix-spec-proposals/pull/3967 is an attempt to help with that,
but is as yet unstandardised. Edit 2024-06-11: It is now standardised, and https://github.com/element-hq/synapse/pull/17284 lands support for it in Synapse.)If the process fails (either because the HS rejects it or the user gets bored of trying to do UIA), we show an error:
After that point, the application is fully-functional, and will even allow you to set up 4S and store the private cross-signing keys in 4S. The problem is that there is no further attempt to publish the public keys, so the account is now totally broken until the user resets cross-signing.